Dear All
> The solution to that problem is to add the DN/CA combination as an additional certificate to the user entry (by a VO admin).
Having just run into the problem of knowing how what to put into the Subject field when adding a new DN/CA combination to cater for the 2B CA certificate, Subject actually means your full user DN. If you are unsure of your DN details you can check your certificate via https://ca.grid-support.ac.uk/cgi-bin/pub/pki?cmd=getStaticPage&name=index.
When you click the request certificate button it will trigger an email to the VOMS admin who can then approve/reject the request. If you are the VO admin you can approve yourself!
To get to your VO registered information to begin with go via:
1) https://voms.gridpp.ac.uk:8443/voms/gridpp/sibling/siblings.action
2) Click your VO
3) Under the top sub-menu click "Users"
4) Find your entry and click "more info" for that name.
Some of these details are documented in the gridpp wiki but this requires updating in places: https://www.gridpp.ac.uk/wiki/Instruction_for_VO_administrators#GridPP_VOMS_support. I am hunting for the NGS/NGI /EGI VO (admin) user guides. Mostly the guides are for VOMS admins. If anyone is aware of user level documentation please could they let me know so that we can be sure to link to it and request it is linked in better with the VOMS interface itself.
Jeremy
On 24 May 2012, at 10:41, Robert Frank wrote:
> Hi all,
>
> it's both. Those emails are genuine, so people will have to act on them. The fact that they contain the wrong hostname (the real hostname of the backend machines rather than the official hostname) in the url is a glitch which I have fixed now.
> To sign the AUP you can either replace the hostname in the url or you can got to the VOMS admin page of the VO. If go to you VO user page ("Home" -> "Your vo user home") there's a link where you can sign the AUP.
> There's another catch to that, if you have a certificate that has been signed by the new CA (2B) VOMS might not recognise you due to the mismatch in the CA DN.
> The solution to that problem is to add the DN/CA combination as an additional certificate to the user entry (by a VO admin). A few VOs have already done this. If there are more VO admins out there who haven't then they can contact me and I'll do it for them.
>
> Cheers,
>
> Robert
>
> On 24/05/12 10:07, Mark Slater wrote:
>> Hi Steve,
>>
>> I also got the same for two other VOs I'm part of - Does anyone know if
>> this is genuine or a glitch??
>>
>> Thanks,
>>
>> Mark
>>
>> On 24/05/2012 09:37, Steve Lloyd wrote:
>>> Hi,
>>> Last night I got 5 emails like the one below telling me to sign the
>>> VO-AUP for ltwo (3 emails) and cernatschool (2 emails). In all cases
>>> the link given below times out (some are node001 and some node043).
>>> The deadline to do this is 5.30 tonight i.e less than 24 hrs notice.
>>> What to do?
>>> Cheers Steve
>>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>>
>>> + Steve Lloyd Queen Mary, University of London +
>>> + E-mail: [log in to unmask] School of Physics and Astronomy +
>>> + Phone: +44-(0)207-882-6967 Mile End Road +
>>> + Fax: +44-(0)207-882-7033 London E1 4NS, UK +
>>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>>
>>>
>>>
>>>
>>> Begin forwarded message:
>>>
>>>> From: VOMS Admin for VO ltwo<[log in to unmask]>
>>>> Subject: [VOMS Admin] Sign 'VO-AUP' notification for VO 'ltwo'.
>>>> Date: 23 May 2012 17:30:52 GMT+01:00
>>>> To: "[log in to unmask]"<[log in to unmask]>
>>>>
>>>>
>>>> Dear [log in to unmask],
>>>>
>>>> you are requested to sign the VO ltwo AUP
>>>> in order to continue to be part of the ltwo VO.
>>>>
>>>> To sign the AUP, point your browser to the following
>>>> URL:
>>>>
>>>> https://node001.vidar.ngs.manchester.ac.uk:8443/voms/ltwo/aup/sign!input.action?aupId=1
>>>>
>>>>
>>>> Be sure that a trusted and valid certificate linked
>>>> to your VO membership in installed in the browser
>>>> that you use to access the sign aup web page,
>>>> or VOMS Admin will not be able to authenticate you
>>>> properly.
>>>>
>>>> Please sign the AUP before the following date:
>>>>
>>>> Thu May 24 17:30:52 BST 2012
>>>>
>>>> or your VO membership will be automatically suspended
>>>> and you will not be able to obtain VOMS credentials
>>>> for the ltwo VO.
>>>>
>>>> Your sincerely,
>>>> Voms-Admin registration service for VO ltwo
>>>>
|